Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/7qhvL47_ZorZXPkJb1aiLTjPXsE.roa
File: 7qhvL47_ZorZXPkJb1aiLTjPXsE.roa (raw, json)
Hash identifier: d3KArkSDvgKISGeAU0tLC9o6Wno3YuLZNaBMddndG3Q=
Subject key identifier: EE:A8:6F:2F:8E:FF:66:8A:D9:5C:F9:09:6F:56:A2:2D:38:CF:5E:C1
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 019E25BBFA323D103FB09B524B90CB978876
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/7qhvL47_ZorZXPkJb1aiLTjPXsE.roa
Signing time: Thu 14 May 2026 09:05:36 +0000
ROA not before: Thu 14 May 2026 09:05:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215597
IP address blocks: 5.181.196.0/24 maxlen: 24
5.181.197.0/24 maxlen: 24
82.199.222.0/23 maxlen: 23
82.199.222.0/24 maxlen: 24
82.199.223.0/24 maxlen: 24
91.213.191.0/24 maxlen: 24
91.217.185.0/24 maxlen: 24
185.90.252.0/24 maxlen: 24
185.95.206.0/23 maxlen: 23
185.95.206.0/24 maxlen: 24
185.95.207.0/24 maxlen: 24
212.95.142.0/24 maxlen: 24
212.95.148.0/24 maxlen: 24
212.95.156.0/24 maxlen: 24
212.95.158.0/24 maxlen: 24
223.25.127.0/24 maxlen: 24
2a12:f680:200::/48 maxlen: 48
2a12:f680:201::/48 maxlen: 48
2a12:f680:204::/48 maxlen: 48
2a12:f680:205::/48 maxlen: 48
2a12:f680:206::/48 maxlen: 48
2a12:f680:207::/48 maxlen: 48
2a12:f680:208::/48 maxlen: 48
2a12:f680:214::/48 maxlen: 48
2a12:f680:220::/43 maxlen: 43
2a12:f680:220::/45 maxlen: 45
2a12:f680:228::/45 maxlen: 45
2a12:f680:230::/45 maxlen: 45
2a12:f680:238::/45 maxlen: 45
2a12:f680:240::/43 maxlen: 43
2a12:f680:240::/45 maxlen: 45
2a12:f680:248::/45 maxlen: 45
2a12:f680:250::/45 maxlen: 45
2a12:f680:258::/45 maxlen: 45
2a12:f680:260::/43 maxlen: 43
2a12:f680:260::/45 maxlen: 45
2a12:f680:268::/45 maxlen: 45
2a12:f680:270::/45 maxlen: 45
2a12:f680:278::/45 maxlen: 45
2a12:f680:600::/48 maxlen: 48
2a12:f680:601::/48 maxlen: 48
2a12:f680:602::/48 maxlen: 48
2a12:f680:604::/48 maxlen: 48
2a12:f680:606::/48 maxlen: 48
2a12:f680:620::/43 maxlen: 43
2a12:f680:620::/45 maxlen: 45
2a12:f680:628::/45 maxlen: 45
2a12:f680:630::/45 maxlen: 45
2a12:f680:638::/45 maxlen: 45
2a12:f680:640::/43 maxlen: 43
2a12:f680:640::/45 maxlen: 45
2a12:f680:648::/45 maxlen: 45
2a12:f680:650::/45 maxlen: 45
2a12:f680:658::/45 maxlen: 45
2a12:f680:660::/43 maxlen: 43
2a12:f680:660::/45 maxlen: 45
2a12:f680:668::/45 maxlen: 45
2a12:f680:670::/45 maxlen: 45
2a12:f680:678::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:25:bb:fa:32:3d:10:3f:b0:9b:52:4b:90:cb:97:88:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: May 14 09:05:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eea86f2f8eff668ad95cf9096f56a22d38cf5ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f7:89:c9:7f:ab:e6:a5:42:49:5f:1a:77:94:
cc:21:82:62:78:e7:a4:bb:df:97:6e:f6:01:2c:90:
e0:13:62:0c:47:da:b1:f8:a8:57:c1:47:84:c9:7a:
ec:14:b2:63:29:55:6a:06:9c:2b:3d:1e:c8:83:a2:
6c:75:01:d6:95:10:f8:55:2d:17:85:52:33:bb:b1:
cd:d2:05:2e:2f:69:68:a6:c1:fa:0f:fe:65:ee:55:
2d:4f:02:94:4d:4f:12:c8:ba:45:86:de:c6:92:7b:
25:d7:bd:34:0d:61:cc:07:2e:50:23:4d:63:17:5d:
f1:33:c7:eb:09:db:93:94:7c:b2:44:58:37:2c:08:
93:96:47:af:4b:b7:30:3c:15:60:6f:2a:2b:bc:12:
66:7c:95:cb:55:c6:b6:46:3c:5f:da:d9:13:2f:59:
3e:6a:24:15:d9:af:c8:25:31:9b:d3:c0:15:1c:99:
da:94:ab:9c:13:46:a9:8a:54:1f:b5:ea:f0:46:8f:
d1:d9:28:14:20:bf:57:7f:5b:59:d2:49:f9:fc:35:
24:68:4d:6f:87:6d:3f:8e:2c:32:bf:77:91:ee:af:
f7:68:5f:71:0f:d9:56:0a:08:5d:ca:f3:67:d4:af:
88:0e:c4:8e:a9:c1:fb:9c:2b:7d:4a:a8:c7:68:69:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A8:6F:2F:8E:FF:66:8A:D9:5C:F9:09:6F:56:A2:2D:38:CF:5E:C1
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/7qhvL47_ZorZXPkJb1aiLTjPXsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.196.0/23
82.199.222.0/23
91.213.191.0/24
91.217.185.0/24
185.90.252.0/24
185.95.206.0/23
212.95.142.0/24
212.95.148.0/24
212.95.156.0/24
212.95.158.0/24
223.25.127.0/24
IPv6:
2a12:f680:200::/47
2a12:f680:204::-2a12:f680:208:ffff:ffff:ffff:ffff:ffff
2a12:f680:214::/48
2a12:f680:220::-2a12:f680:27f:ffff:ffff:ffff:ffff:ffff
2a12:f680:600::-2a12:f680:602:ffff:ffff:ffff:ffff:ffff
2a12:f680:604::/48
2a12:f680:606::/48
2a12:f680:620::-2a12:f680:67f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6e:04:6a:45:39:01:c2:9e:c3:5a:f4:ac:a6:c4:01:8b:57:10:
1c:d9:9d:d1:f2:f9:ff:b8:51:eb:08:cc:d7:ce:cd:69:df:b9:
c3:d1:e4:1c:31:4c:ae:09:4b:46:70:d6:ee:a5:9d:ca:f2:d3:
a7:ab:d6:4a:79:49:11:e7:4e:9b:34:43:fd:47:b8:f0:17:d9:
03:40:fb:fc:2d:a9:12:31:da:c3:8b:30:a0:23:b9:4b:d6:13:
d0:e7:a6:d0:f6:5d:93:1c:3b:dc:b5:75:45:62:ff:ab:8d:2b:
bf:31:95:ea:05:f8:6d:1e:6d:73:65:f9:09:29:a0:86:95:14:
89:60:1d:93:51:c6:97:69:63:cf:05:55:91:fb:bd:b4:eb:8a:
94:e6:eb:5a:6c:87:dd:c6:c4:4c:b2:cf:35:d4:38:59:1b:dc:
1f:f6:ac:36:33:73:57:02:45:85:56:cc:09:ef:0f:96:94:8d:
06:88:d0:2e:f7:e6:a4:03:1a:c4:9a:13:7f:07:37:62:b8:06:
38:1a:4f:9f:00:57:08:43:2f:8e:dd:e5:22:a5:9f:5d:72:dd:
9c:2b:b8:ff:c9:58:a7:cf:4a:58:f3:27:f7:ec:57:d3:b8:8f:
af:97:e1:b1:59:73:07:fb:54:40:7b:41:2e:bd:7a:a9:94:6b:
96:76:f2:19
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZ4lu/oyPRA/sJtSS5DLl4h2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjYwNTE0MDkwNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWE4NmYyZjhlZmY2NjhhZDk1Y2Y5MDk2ZjU2YTIyZDM4Y2Y1ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/eJyX+r5qVCSV8ad5TMIYJieOek
u9+XbvYBLJDgE2IMR9qx+KhXwUeEyXrsFLJjKVVqBpwrPR7Ig6JsdQHWlRD4VS0X
hVIzu7HN0gUuL2lopsH6D/5l7lUtTwKUTU8SyLpFht7Gknsl1700DWHMBy5QI01j
F13xM8frCduTlHyyRFg3LAiTlkevS7cwPBVgbyorvBJmfJXLVca2Rjxf2tkTL1k+
aiQV2a/IJTGb08AVHJnalKucE0apilQfterwRo/R2SgUIL9Xf1tZ0kn5/DUkaE1v
h20/jiwyv3eR7q/3aF9xD9lWCghdyvNn1K+IDsSOqcH7nCt9SqjHaGkEewIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFO6oby+O/2aK2Vz5CW9Woi04z17BMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvN3Fodkw0N19ab3JaWFBrSmIxYWlMVGpQWHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTBIBAIAATBCAwQBBbXE
AwQBUsfeAwQAW9W/AwQAW9m5AwQAuVr8AwQBuV/OAwQA1F+OAwQA1F+UAwQA1F+c
AwQA1F+eAwQA3xl/MHkEAgACMHMDBwEqEvaAAgAwEgMHAioS9oACBAMHACoS9oAC
CAMHACoS9oACFDASAwcFKhL2gAIgAwcHKhL2gAIAMBEDBgEqEvaABgMHACoS9oAG
AgMHACoS9oAGBAMHACoS9oAGBjASAwcFKhL2gAYgAwcHKhL2gAYAMA0GCSqGSIb3
DQEBCwUAA4IBAQBuBGpFOQHCnsNa9KymxAGLVxAc2Z3R8vn/uFHrCMzXzs1p37nD
0eQcMUyuCUtGcNbupZ3K8tOnq9ZKeUkR506bNEP9R7jwF9kDQPv8LakSMdrDizCg
I7lL1hPQ56bQ9l2THDvctXVFYv+rjSu/MZXqBfhtHm1zZfkJKaCGlRSJYB2TUcaX
aWPPBVWR+72064qU5utabIfdxsRMss811DhZG9wf9qw2M3NXAkWFVswJ7w+WlI0G
iNAu9+akAxrEmhN/BzdiuAY4Gk+fAFcIQy+O3eUipZ9dct2cK7j/yVinz0pY8yf3
7FfTuI+vl+GxWXMH+1RAe0EuvXqplGuWdvIZ
-----END CERTIFICATE-----
Generated at Thu Jun 4 13:24:35 2026 by rpki-client